<?php
include('connect.php');

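// Resolve which account this page operates on.
//
// The ID is forced to an integer here because the rest of the script interpolates it,
// unquoted, into SQL statements and into HTML attribute values. An integer cannot carry
// SQL or HTML metacharacters.
// NOTE(review): no login check is visible in this file; presumably the including page
// enforces one - confirm. With no session the ID falls back to 0.
$USRID = isset($_SESSION['USRID']) ? (int) $_SESSION['USRID'] : 0;
$adminEdit = false;

// Only a SYSADMIN may act on another user's account. The comparison is strict so that a
// non-string session value (for example 0 or true) cannot loosely equal 'SYSADMIN'.
if (isset($_SESSION['group']) && $_SESSION['group'] === 'SYSADMIN') {
	// The GET parameter takes precedence over the POST field, matching the original branch order.
	$requestedId = null;
	if (isset($_GET['editusrid'])) {
		$requestedId = $_GET['editusrid'];
	}
	elseif (isset($_POST['EditUSRID'])) {
		$requestedId = $_POST['EditUSRID'];
	}

	if ($requestedId !== null) {
		// Accept only a well-formed integer; arrays and strings with trailing text are rejected.
		// A rejected value leaves the page on the administrator's own account.
		$validatedId = filter_var($requestedId, FILTER_VALIDATE_INT);
		if ($validatedId !== false) {
			$USRID = $validatedId;
			$adminEdit = true;
		}
	}
}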

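// Persist a submitted edit form: update the user's USERS row and the ADDRESS row it points to.
// NOTE(review): updateQuery() is defined elsewhere. If it builds its column list from $_POST,
// the SKIP entries in the edit form are cosmetic only and a non-admin could post fields such
// as USER_TYPE or STATUS - confirm it enforces a server-side allowlist.
// NOTE(review): no CSRF token is checked before this state change.
if (isset($_POST['save'])) {
	// Integer cast keeps request-derived input out of the SQL text below.
	$USRID = (int) $USRID;
	$tables = array('USERS', 'ADDRESS');

	$adridLookup = mysql_query("SELECT ADRID FROM USERS WHERE USRID = $USRID");
	if ($adridLookup && mysql_num_rows($adridLookup) > 0) {
		// Primary keys are passed in the same order as $tables: USERS first, then ADDRESS.
		$primaryKeys = array($USRID, mysql_result($adridLookup, 0));
		updateQuery($tables, $primaryKeys);
	}
	else {
		// Query failed or the user does not exist: do not call updateQuery() with a bogus key.
		error_log('Profile save skipped: no USERS row found for USRID ' . $USRID);
	}
}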

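// Page mode flags, driven by hidden fields posted from the forms further down.
$editmode = isset($_POST['edit']);
$deletemode = isset($_POST['delete']);

// Load the account row and its address row. The ID is cast to int at the point of use so
// that nothing request-derived can reach the unquoted SQL context.
$user = mysql_query("SELECT * FROM USERS WHERE USRID = " . (int) $USRID);
$address = mysql_query("SELECT * FROM ADDRESS WHERE ADRID = (SELECT ADRID FROM USERS WHERE USRID = " . (int) $USRID . ")");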

// Page heading: differs when an administrator is looking at someone else's account.
echo ($adminEdit ? '<h1>Viewing as Admin</h1>' : '<h1>Your Account</h1>') . '<h2>User Information</h2>';


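// Render the page body for the current mode (edit form, read-only view, or delete), then
// close the database connection.
//
// The ID is forced to an integer before it is written into HTML attributes and SQL below,
// so a crafted value cannot break out of either context.
$USRID = (int) $USRID;

if ($editmode) {

	echo('<form action="?page=akmuser" method="post">');

	// Column => replacement markup handed to printTable() (defined elsewhere).
	// NOTE(review): presumably 'SKIP' leaves a column non-editable and KEYMARKER/VALUEMARKER
	// are replaced with the column name and stored value - confirm, and confirm that
	// printTable() HTML-escapes the stored values it substitutes.
	if ($adminEdit) {
		// Administrators get every column except the two keys as an input.
		$swaps = array(	'USRID'	=>	'SKIP',
						'ADRID' =>	'SKIP',
						'DEFAULT'	=>	'<input type="text" name="KEYMARKER" value="VALUEMARKER" />');
	}
	else {
		// Ordinary users additionally get no input for account-status columns.
		$swaps = array(	'USRID'		=>	'SKIP',
						'ADRID' 	=>	'SKIP',
						'BLACKMARK'	=>	'SKIP',
						'USER_TYPE'	=>	'SKIP',
						'STATUS'	=>	'SKIP',
						'REGISTRATION_DATE' => 'SKIP',
						'EXPIRY_DATE'=>	'SKIP',
						'DEFAULT'	=>	'<input type="text" name="KEYMARKER" value="VALUEMARKER" />');
	}

	printTable($user, $swaps);
	echo ('<h2>Address Information</h2>');
	printTable($address, $swaps);

	// Carry the target account through the POST so the admin override survives the round trip.
	if($adminEdit) echo("<input type='hidden' name='EditUSRID' value='$USRID' />");
echo <<<_END
	<table>
	<TR>
	<TD>
	<input type="hidden" name="save" value="yes"/>
	<br/><input type="submit" value="Save"/>
	</form>
	</TD>
	<TD>
	<form action="?page=akmuser" method="post">
	<input type='hidden' name='EditUSRID' value='$USRID' />
	<input type="hidden" name="delete" value="yes"/>
	<br/>
	<input type="submit" value="Delete profile"/>
	</form>
	</TD>
	</TR>
	</table>
_END;
}

elseif (!$deletemode){
	// Read-only view: show both tables without the key columns, plus an Edit button.
	$swaps = array(	'USRID'	=>	'SKIP',
					'ADRID' =>	'SKIP');
	printTable($user, $swaps);
	echo ('<h2>Address Information</h2>');
	printTable($address, $swaps);

	echo('<br/><form action="?page=akmuser" method="post">');
	if($adminEdit) echo("<input type='hidden' name='EditUSRID' value='$USRID' />");
	echo('<input type="hidden" name="edit" value="yes"/>');
	echo('<input type="submit" value="Edit"/>');
	echo('</form>');
}
else
{
	// Delete mode.
	// NOTE(review): reached by any POST carrying "delete"; no CSRF token or confirmation
	// step is visible here.
	// NOTE(review): only the USERS row is removed; whether the linked ADDRESS row is cleaned
	// up elsewhere (for example by a foreign key) is not visible from this file.
	$sql = "DELETE FROM USERS WHERE USRID = $USRID";
	$result = mysql_query($sql);
	if (!$result) {
		// Keep the statement and driver error in the server log; echoing them to the
		// browser discloses schema details to whoever triggered the failure.
		error_log('Profile delete failed for USRID ' . $USRID . ': ' . mysql_error());
		echo "Delete Failed<br /> <br />";
	}
	else {
		echo "Delete successful";
		// A user who deleted their own account no longer has a valid session.
		if (isset($_SESSION['USRID']) && $USRID === (int) $_SESSION['USRID']) include('logout.php');
	}
}

include('disconnect.php');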

?>
